"Hacknotes network security portable reference gives step-by-step details of intrusion tactics, tools and techniques used to compromise computer networks. Understand how the attacks work, then learn how to assess and strenghten your systems through a series of tested and trusted anti-hacking methods.

Introduction

There are currently four books in the hack notes series, I choose to review network security first due to an interest in this area and it being more generic rather the other more platform specific titles. This book is purposely kept to an acceptable number of pages and is meant to be a portable reference providing condensed security reference information.

The two main authors work with FoundStone and have worked for various employers including army counterintelligence and Ernst & Young. The contributing authors specialise in different areas including web applications, intrusion detection and network assessment.

Contents

The book has 10 chapters, each ending with a small review. In the centre of the book there is a reference centre section. These contain a range of useful information for quick reference such as networking command line syntax, enumeration tools, UNIX system and network commands, Cisco IOS reference, common exploitable services / ports and a decimal,hex,binary,ascii conversion table.

The book gives both the administrators' perspective and that of the attacker, so although it is written from a preventative viewpoint any budding script kiddies would also find interest in this.

Whilst the first two chapters deal with principles and risk management, the next parts deal with concepts and attacks themselves, with the final chapters covering common methods, response and hardening.

An application enumeration section covers a range of methods using popular tools with full syntax examples. This starts with using nmap and scanline, to find services and fingerprint operating systems. The first actual example is exploiting typical netbios issues using null sessions and then prevention covering registry entries to restrict anonymous access.

The 'attack, compromise and escalate' section then starts with UNIX exploits. Bearing in mind the books small size common exploitable services are listed here with general information on potential methods and insecurities. These are by no means comprehensive lists of how to exploit specific services but more a brief reference to point the user in a direction for more research for common vulnerabilities. Where needed there are useful code snippets such as finding SUID/SGID and leftover core files. Next up is the windows section which is split into 9x/ME and NT/2000, which is dealt with in the same way with syntax and URLs.

The reference centre is next which is mentioned in the contents, and contains 'hacking steps' which are logical lists of methods to try against systems. This ends with a good list of must-have free or low cost tools ranging from network probing and enumerating to lockdown and assessment tools.

There is a brief wireless section (sample) and then a dedicated web application security chapter. This contains lots of useful references which aren't platform specific such as session management, code validation and encryption.

The final sections cover common tactics and hardening lists which are more comprehensive than the initial list of services in the earlier attacks section.

The different approach of the smaller books work well, the small size is quick and easy reading and would appeal both to beginners wanting to learn about hacking & prevention quickly and to people with some experience wanting to explore areas in more detail.

Conclusion

There are currently 4 titles in the hack notes series all from the publisher of hacking exposed. The style is the same as the exposed series and is a 'cut-down' book. I would have liked to have seen more firewalling examples of free software for both linux and windows and maybe some basic cisco access control lists to aid beginners and for quick reference. The other titles focus in on linux, windows and web security.

Security Forums Discount

The publishers Mcgraw Hill have kindly setup a discount section for Security Forums' users. Discounts can be up to 30% off the RRP and postage is free on all orders over £20 in the UK & Central Europe.